AWS Shield protects networks and applications by identifying network security configuration issues and defending applications against active web exploitation and distributed denial of service (DDoS) events. Shield network security director (in preview) performs an analysis of your resources to help you visualize your network topology, identify configuration issues, and receive actionable remediation recommendations.
For managed DDoS protection, AWS Shield Advanced offers always-on automatic mitigation of sophisticated DDoS events to minimize application downtime and latency. You can customize your DDoS protection strategy using application-specific security controls and expert guidance from the Shield Response Team during active DDoS incidents.